##// END OF EJS Templates
authn: Import legacy authentication modules and invoke their includeme.
johbo -
r130:8bc9b961 default
parent child Browse files
Show More
@@ -1,96 +1,109 b''
1 1 # -*- coding: utf-8 -*-
2 2
3 3 # Copyright (C) 2012-2016 RhodeCode GmbH
4 4 #
5 5 # This program is free software: you can redistribute it and/or modify
6 6 # it under the terms of the GNU Affero General Public License, version 3
7 7 # (only), as published by the Free Software Foundation.
8 8 #
9 9 # This program is distributed in the hope that it will be useful,
10 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 12 # GNU General Public License for more details.
13 13 #
14 14 # You should have received a copy of the GNU Affero General Public License
15 15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
16 16 #
17 17 # This program is dual-licensed. If you wish to learn more about the
18 18 # RhodeCode Enterprise Edition, including its added features, Support services,
19 19 # and proprietary license terms, please see https://rhodecode.com/licenses/
20 20
21 21 import logging
22 import importlib
22 23
23 24 from pkg_resources import iter_entry_points
24 25 from pyramid.authentication import SessionAuthenticationPolicy
25 26
26 27 from rhodecode.authentication.registry import AuthenticationPluginRegistry
27 28 from rhodecode.authentication.routes import root_factory
28 29 from rhodecode.authentication.routes import AuthnRootResource
29 30 from rhodecode.config.routing import ADMIN_PREFIX
30 31 from rhodecode.model.settings import SettingsModel
31 32
32 33 log = logging.getLogger(__name__)
33 34
34 35
35 36 # TODO: Currently this is only used to discover the authentication plugins.
36 37 # Later on this may be used in a generic way to look up and include all kinds
37 38 # of supported enterprise plugins. Therefore this has to be moved and
38 39 # refactored to a real 'plugin look up' machinery.
39 40 # TODO: When refactoring this think about splitting it up into distinct
40 41 # discover, load and include phases.
41 42 def _discover_plugins(config, entry_point='enterprise.plugins1'):
42 43 _discovered_plugins = {}
43 44
44 45 for ep in iter_entry_points(entry_point):
45 46 plugin_id = 'egg:{}#{}'.format(ep.dist.project_name, ep.name)
46 47 log.debug('Plugin discovered: "%s"', plugin_id)
47 48 module = ep.load()
48 49 plugin = module(plugin_id=plugin_id)
49 50 config.include(plugin.includeme)
50 51
51 52 return _discovered_plugins
52 53
53 54
54 55 def _discover_legacy_plugins(config, prefix='py:'):
55 56 auth_plugins = SettingsModel().get_setting_by_name('auth_plugins')
56 57 enabled_plugins = auth_plugins.app_settings_value
57 58 legacy_plugins = [id_ for id_ in enabled_plugins if id_.startswith(prefix)]
58 59
59 log.debug('Trying to load these legacy authentication plugins {}'.format(
60 log.debug('Importing these legacy authentication plugins {}'.format(
60 61 legacy_plugins))
61 62
63 for plugin_id in legacy_plugins:
64 module_name = plugin_id.split(prefix, 1)[-1]
65 try:
66 log.debug('Import %s', module_name)
67 module = importlib.import_module(module_name)
68 plugin = module.plugin_factory(plugin_id=plugin_id)
69 config.include(plugin.includeme)
70 except ImportError as e:
71 log.error(
72 'Error while importing legacy authentication plugin '
73 '"{}": {}'.format(plugin_id, e.message))
74
62 75
63 76 def includeme(config):
64 77 # Set authentication policy.
65 78 authn_policy = SessionAuthenticationPolicy()
66 79 config.set_authentication_policy(authn_policy)
67 80
68 81 # Create authentication plugin registry and add it to the pyramid registry.
69 82 authn_registry = AuthenticationPluginRegistry(config.get_settings())
70 83 config.add_directive('add_authn_plugin', authn_registry.add_authn_plugin)
71 84 config.registry.registerUtility(authn_registry)
72 85
73 86 # Create authentication traversal root resource.
74 87 authn_root_resource = root_factory()
75 88 config.add_directive('add_authn_resource',
76 89 authn_root_resource.add_authn_resource)
77 90
78 91 # Add the authentication traversal route.
79 92 config.add_route('auth_home',
80 93 ADMIN_PREFIX + '/auth*traverse',
81 94 factory=root_factory)
82 95 # Add the authentication settings root views.
83 96 config.add_view('rhodecode.authentication.views.AuthSettingsView',
84 97 attr='index',
85 98 request_method='GET',
86 99 route_name='auth_home',
87 100 context=AuthnRootResource)
88 101 config.add_view('rhodecode.authentication.views.AuthSettingsView',
89 102 attr='auth_settings',
90 103 request_method='POST',
91 104 route_name='auth_home',
92 105 context=AuthnRootResource)
93 106
94 107 # Auto discover authentication plugins and include their configuration.
95 108 _discover_plugins(config)
96 109 _discover_legacy_plugins(config)
General Comments 0
You need to be logged in to leave comments. Login now